Transcript of "Suppose they gave_a_cyberwar_by_w_f_slater_for_forensecure_2013_v02_"

1.
Suppose They Gave a Cyberwar and EVERYBODY Came?

2.
Suppose They Gave a Cyberwar and EVERYBODY Came?
William F. Slater, III, M.S. MBA, PMP, CISSP, CISA
A Presentation for Forensecure 2013
April 16, 2013
Suppose They Gave a Cyberwar and Everybody Came ? (version 2.0)
Copyright 2013 by William F. Slater, III, Chicago, IL, U.S.A.. All rights reserved nationally and internationally

3.
Agenda
• Introduction
• Cyberwar, Cyberattacks, Cyberdeterrence Defined
• Some Great Writers and Thinkers on Warfare
• Cyberweapons and the Nature of Cyberattacks
• Who Is Doing This and Why?
• The Reality of the Threats
• How Vulnerable Are We in the U.S.?
• Some Worst Case Scenarios
• What Is the U.S. Government Doing to Defend the American Population?
• What Can You and Your Business Do Today?
• The Future of Cyberwar and Cyberattacks
• Conclusion
• Questions

4.
Introduction
• A career Information Technology (IT) professional since July 1977, starting as a young computer systems staff officer in the United States Air Force supporting the command control information systems that provided real-time war plan asset information to the Strategic Air Command Battle Staff
• Completed Bellevue University’s M.S. in Cybersecurity program on March 2, 2013
• Since 2009, I chose this topic to research and write about because as an IT professional in cybersecurity, a former U.S. Air Force officer, and a patriotic American, I am deeply concerned about the recent unfolding events of cyberattacks and cyberwarfare in cyberspace.
July 1977
January 2013

5.
WHAT’S REALLY HAPPENING ON THE INTERNET AND WHERE IS IT ALL GOING?

6.
This image was created by Go Globe in January 2011.

7.
This image was created by Go Globe in January 2011.

8.
How Many Internet Users?
Over 2.4 Billion!

9.
Cyberwarfare, Cyberattacks, Cyberdeterrence Defined
• Cyberwarfare
Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation. (Wikipedia, 2013)
• Cyberattacks
Known as cyberattacks, this coined term can deal massive amounts of damage to individuals or on a larger scale, companies or government establishments. It does not stop there though, when government establishments or military establishments are attacked through cyber methods, it is a whole new kind of attack known as cyberwarfare or cyberterrorism. (Wikipedia, 2013)
• Cyberdeterrence
The efficacy of cyberdeterrence relies on the ability to impose or raise costs and to deny or lower benefits related to cyber attack in a state’s decision-making calculus. Credible cyber deterrence is also dependent on a state’s willingness to use these abilities and a potential aggressor’s awareness that these abilities, and the will to use them, exist. (Beidleman, 2009)

10.
Critical Infrastructure?
• NIST takes its definition of “critical
infrastructure” from the 42 U.S.C.
5195c(e) which states that it is all “systems
and assets, whether physical or virtual, so vital
to the United States that the incapacity or
destruction of such systems and assets would
have a debilitating impact on security,
national economic security, national public
health or safety, or any combination of those
matters.”

11.
Threats, Vulnerabilities, and Controls

13.
Established Thinking and Writing on Warfare
Sun Tzu
Napoleon Bonaparte
Carl von Clausewitz
Nathan Bedford Forrest
John Boyd
According to Tzu, the proper application of his principles described in the Art of War
will allow the wise commander to win. Wise commanders who seek to keep their
enemy guessing, off balance and reacting instead of acting are well on their way to
victory. Tzu sees the use of force almost as a last resort in war. The beauty of Tzu’s
principles is that they focus on victory with the least damage and the swiftest
resolution. This approach preserves lives, property, and public support for the
government or commanders who apply it wisely. --(Zapotoczny, 2006)

14.
Established Thinking and Writing on Warfare
Napoleon is credited with being a great tactician and a military genius of his time. He took on all of Europe and gave everyone
a pretty good run for the money. His campaigns formed the basis of military education throughout the western world and a
lot of the military thinking is still influenced by the great Frenchman. Few, if any, commanders, before or since, fought more
wars and battles under more varied conditions of weather, terrain, and climate, and against a greater variety of enemies
than the French Emperor. His understanding of mass warfare and his success in raising, organizing, and equipping mass
armies revolutionized the conduct of war and marked the origin of modern warfare. From 1796, when he assumed his first
independent military command, until 1809, Napoleon displayed an astonishing near-invincibility in battle and an equally
astounding ability to use that battlefield success to compel his enemies to grant him his political objectives. A dazzled
Clausewitz had good reason to call Napoleon the "god of war."
His genius was essentially practical, and his military concepts evolved from the close study of earlier commanders,
particularly Frederick the Great. He made the fullest use of the ideas of his predecessors and breathed life into them."
(David Chandler - "Dictionary of the Napoleonic wars" p 18)

15.
Established Thinking and Writing on Warfare
Clausewitz was largely preoccupied with the massive application of force and attempts to mitigate friction in combat operations. He
defined friction as suffering, confusion, exhaustion, and fear. The problem with his line of a single definable center of gravity. Clausewitz
stressed the importance of finding the center of gravity, or the critical point at the critical time, upon which the outcome of the conflict
depended. In this author’s view, Clausewitz makes a mistake in not recognizing that combat often presents multiple smaller centers of
gravity. These multiple smaller centers of gravity can be individually exploited and isolated in the pursuit of overall advantage. By
exploiting several centers of gravity simultaneously, the enemy can be quickly thrown off balance.
Clausewitz did not see the importance of unconventional operations and how they could decrease the effectiveness of large opposing
forces without the need for a decisive clash of massed strength. He also did not pay attention to how friction could be used against the
enemy. Instead, he focused on how to limit friction’s impact on one’s own forces. His concentration on the importance of destroying the
enemy in combat using strength against strength goes against Sun Tzu’s concept of attacking the enemy’s strategy --(Zapotoczny, 2006)

16.
Established Thinking and Writing on Warfare
Quotes
• “War means fighting and fighting means killing”
• “Get there first with the most”
• “Whenever you see something blue, shoot at it, and do all you can to keep up the scare”
• “Charge them both ways” (Forrest caught between two larger Union armies)
Tactics
• Always exaggerated his own strength
• Forrest’s troops, if captured, would also exaggerate
• Surrounded fort in the town, expressed the desire to avoid unnecessary bloodshed
• Invite the enemy commander to see for himself that he is hopelessly outnumbered
• Builds campfires for a ghost army
• Knew when it is time to go

20.
CYBERWEAPONS AND THE NATURE OF CYBERATTACKS

21.
Some Characteristics of Cyberwarfare
• It’s fast: Cyberattacks happen at Internet speeds
• It happens in “Cyberspace”
• If you are connected to the Internet, you are vulnerable to Cyberattacks
• Targets of opportunity are plentiful (i.e. any IP-device, and also SCADA devices)
• Damage can cripple critical infrastructure, up to entire cities
• Damage from Espionage and DDoS can have far-reaching negative effects
• It’s cheap and getting cheaper (thanks to Moore’s Law and the “Force Multiplier” advantage)
• It’s sophisticated and getting more sophisticated
• It’s complex to understand and defend against
• It’s extremely complex due to laws, policies, and regulations, in the U.S. and in other countries
• It’s not your Father’s Battlefield or War.

22.
What Makes Cyberwarfare Difficult to Analyze and Understand?
• Lack of Agreement on Nature and Definitions Among
Major International Players
• The Secretive Nature, Lack of Disclosure, and Denials
• Attribution
• Provability
• It’s unpredictable
• Who is “the enemy?”
• Who are the “good guys?”
• Constantly changing
• Increasingly sophisticated

26.
Cyberwar and Cyberattacks
• Dangers and incidents related to
cyberattacks and cyberwar
continue to increase at an
alarming rate
• Compliance with security
frameworks can help
• But… entire infrastructures,
cities, and countries are at risk
• The Solutions will lie in National
Policy, Regulation, preparation,
and some form of deterrence

28.
THE REALITY OF THE THREATS

30.
Threat Analysis
• The threat of cyberattacks and cyberwar is very real
• The quantity of cyberattacks and cyberwar incidents has
increased dramatically since 2007, and it continues to
increase daily
• The sophistication of cyberattacks and cyberweapons has
grown dramatically since 2009
• There is now a dire need to incorporate strategies to deal
with the threats of cyberattacks, cyberwarfare, and
cyberdeterrence into the U.S. CONOPS Plan
• The lack of effective national plans and policies to effectively
address cyberwarfare and cyberdeterrence constitutes a
threat itself

32.
The Top Four Countries in Cyberwarfare Capability (as of 2009)
Table 1 – Country Cyber Capabilities Ratings (Technolytics, 2012)

33.
WHO IS DOING THIS AND WHY?

34.
February 2013
March 2013
http://sicherheitstacho.eu/

37.
HOW VULNERABLE ARE WE IN THE U.S.?

38.
Recorded Cyberattacks
http://sicherheitstacho.eu/

39.
Recorded Cyberattacks
http://sicherheitstacho.eu/

40.
Types of Targets for Cyberattacks
http://sicherheitstacho.eu/

41.
Some Worst Case Scenarios
• Espionage and lost trade secrets
• DDoS attacks on banks and other financial institutions
• Attacks on SCADA systems
• Attacks on banks and the financial system
• Catastrophic attacks on critical infrastructure facilities and targets

42.
What Is the U.S. Government Doing to Defend the American Population?
• U.S. Cyber Command, June 23, 2009
• Policies that describe the U.S.’s interest in protecting and defending cyberspace
• Several Cyberwarfare units created in the U.S. Military
• Internet “Kill Switch”, September 2012
• Presidential Policy Directive 20, November 14, 2012
• Executive Order on Cybersecurity and Critical Infrastructure, February 12, 2013
• New Sophisticated Offensive Cyberweapons
• Cooperation, agreements, and exchange of information with allies and organizations
• The Federal Government will spend over $65 Billion on Cybersecurity, 2013 – 2018.
Motto in MD5 Hash: 9ec4c12949a4f31474f299058ce2b22a
"USCYBERCOM plans, coordinates, integrates,
synchronizes and conducts activities to: direct the
operations and defense of specified Department of
Defense information networks and; prepare to, and
when directed, conduct full spectrum military
cyberspace operations in order to enable actions in
all domains, ensure US/Allied freedom of action in
cyberspace and deny the same to our adversaries."

43.
Cyberwar and Cyberattacks – Some Present Challenges to Resolution
• The lack of international definition and agreement on what constitutes an act of cyberwar (Markoff and Kramer, 2009).
• The lack of the ability to clearly attribute the source of an attack (Turzanski and Husick, 2012).
• The ability for non-state actors to conduct potent cyberattacks (Turzanski and Husick, 2012).
• The inability to clearly define the exact nature of critical infrastructure targets (Turzanski and Husick, 2012).
• The massive proliferation and reliance on ubiquitous, highly insecure, vulnerable systems based on SCADA technologies during the 1980s and 1990s (Turzanski and Husick, 2012).
• The continually changing landscape of information technology including the vulnerabilities and threats related to systems that are obsolete, yet remain in operational use for several years past their intended useful life.
• Consider the following slide that defines the complexity of defense…

48.
What Can You and Your Organization Do Today?
• Continually Educate yourself, friends, colleagues and family
• Adopt, implement, and follow a security compliance framework, such as ISO 27001
• Continually improve your security controls and your
security posture
• Report incidents that result in more than $5000
damage to the Internet Crime Complaint Center
www.ic3.gov
• Defend yourself (ask me more about this later)
• Do not attack or return fire
• Remain vigilant

49.
How does Title 10 of the U.S. Code Affect Cyberwarfare and the Average U.S. Citizen?
• American Citizens are legally prohibited from
responding offensively to cyberattacks

50.
Career Opportunities?
• Yes – The U.S. Government is hiring
Cybersecurity Professionals
• Private Industry will be picking up more and
more Cybersecurity experts

51.
Career Development Opportunities?
Illinois Institute of Technology
• M.S. in Cyber Forensics and Security
http://www.itm.iit.edu/cybersecurity/index.php
Bellevue University
• M.S. in Cybersecurity
• B.S. in Cybersecurity
http://www.bellevue.edu/degrees/graduate/cybersecurity-ms/

52.
Final Recommendations for Our National Command Authorities
• Create National Policies that clearly and publicly define the U.S.’s capabilities and intentions related to cyberwarfare and cyberdeterrence
• Based on the principles and philosophies described in
these newly created national policies, it is imperative
to modify the U.S. CONOPS Plan for war with
strategies for cyberwarfare and cyberdeterrence
• Following these recommendations will probably make
the U.S. and the world of cyberspace a bit safer

53.
Conclusion
• In 2012 and 2013, cyberattacks, cyberweapons, and
cyberwarfare events are growing in number, frequency,
and sophistication
• Due to our dependence on Cyberspace, we are living in
dangerous times because of the current and worsening
cyberthreat landscape

54.
We Will Be Living in Interesting Times From Now On…

57.
References
http://sicherheitstacho.eu/
Real-time worldwide cyberattack monitoring service launched by Germany’s Deutsche Telekom. Besides a real-time overview of current attacks, recorded by a total of 97 sensors, the website also provides statistics such as the top 15 source countries, distribution of attack targets, total number of attacks per day and overall sum of attackers per day.

59.
References
http://map.honeynet.org/
Real-time worldwide cyberattack monitoring service launched by the Honeynet Project.

63.
References
Beidleman, S. W. (2009). Defining and Deterring Cyber War - Homeland Security Digital Library.
Retrieved from https://www.hsdl.org/?view&did=28659 on March 18, 2013.
Bousquet, A. (2009). The Scientific Way of Warfare: Order and Chaos on the Battlefields of
Modernity. New York, NY: Columbia University Press.
Carr, J. (2012). Inside Cyber Warfare, second edition. Sebastopol, CA: O’Reilly.
Crosston, M. (2011). World Gone Cyber MAD: How “Mutually Assured Debilitation” Is the Best
Hope for Cyber Deterrence. An article published in the Strategic Studies Quarterly, Spring 2011.
Retrieved from http://www.au.af.mil/au/ssq/2011/spring/crosston.pdf on October 10, 2012.
Fayutkin, D. (2012). The American and Russian Approaches to Cyber Challenges. Defence Force
Officer, Israel. Retrieved from http://omicsgroup.org/journals/2167-0374/2167-0374-2-110.pdf
on September 30, 2012.
Hagestad, W. T. (2012). 21st Century Chinese Cyberwarfare. Cambridgeshire, U.K.: IT
Governance.
Hyacinthe, B. P. (2009). Cyber Warriors at War: U.S. National Security Secrets & Fears Revealed.
Bloomington, IN: Xlibris Corporation.
Kramer, F. D. (ed.), et al. (2009). Cyberpower and National Security. Washington, DC: National
Defense University.
Libicki, M.C. (2009). Cyberdeterrence and Cyberwar. Santa Monica, CA: Rand Corporation.
Markoff, J. and Kramer, A. E. (2009). U.S. and Russia Differ on a Treaty for Cyberspace. An article
published in the New York Times on June 28, 2009. Retrieved from
http://www.nytimes.com/2009/06/28/world/28cyber.html?pagewanted=all on June 28, 2009.

64.
References
Obama, B. H. (2012). Defense Strategic Guidance 2012 - Sustaining Global Leadership: Priorities for 21st
Century Defense. Published January 3, 2012. Retrieved from
http://www.defense.gov/news/Defense_Strategic_Guidance.pdf on January 5, 2012.
Technolytics. (2012). Cyber Commander's eHandbook: The Weaponry and Strategies of Digital Conflict,
third edition. Purchased and downloaded on September 26, 2012.
Turzanski, E. and Husick, L. (2012). “Why Cyber Pearl Harbor Won't Be Like Pearl Harbor At All...” A
webinar presentation held by the Foreign Policy Research Institute (FPRI) on October 24, 2012. Retrieved
from http://www.fpri.org/multimedia/2012/20121024.webinar.cyberwar.html on October 25, 2012.
U.S. Army. (1997). Toward Deterrence in the Cyber Dimension: A Report to the President's Commission on
Critical Infrastructure Protection. Retrieved from
http://www.carlisle.army.mil/DIME/documents/173_PCCIPDeterrenceCyberDimension_97.pdf on
November 3, 2012.
U.S. Department of Defense. (2013). Department of Defense - Defense Science Board – Task Force
Report: Resilient Military Systems and the Advanced Cyber Threat, published January 2013. Retrieved
from http://www.acq.osd.mil/dsb/reports/ResilientMilitarySystems.CyberThreat.pdf on March 16, 2013.
Wagner, K. (2013). The NSA Is Training 13 Teams of Covert Hackers to Attack Other Countries. An article
published on March 13, 2013. Retrieved from http://gizmodo.com/5990346/the-nsa-is-training-13-teamsof-covert-hackers-to-attack-other-countries on March 19, 2013.
Articles at http://www.cyberwarzone.com
Papers at http://billslater.com/writing